List of usage examples for com.amazonaws.services.ec2.model KeyPair getKeyFingerprint
public String getKeyFingerprint()
The SHA-1 digest of the DER encoded private key.
From source file:AwsSample.java
License:Open Source License
public static void main(String[] args) throws Exception { BasicAWSCredentials credentials = new BasicAWSCredentials("", ""); /********************************************* * /* www. ja v a2s .c om*/ * #1 Create Amazon Client object * *********************************************/ System.out.println("#1 Create Amazon Client object"); ec2 = new AmazonEC2Client(credentials); try { /********************************************* * * #2 Describe Availability Zones. * *********************************************/ System.out.println("#2 Describe Availability Zones."); DescribeAvailabilityZonesResult availabilityZonesResult = ec2.describeAvailabilityZones(); System.out.println("You have access to " + availabilityZonesResult.getAvailabilityZones().size() + " Availability Zones."); /********************************************* * * #3 Describe Available Images * *********************************************/ System.out.println("#3 Describe Available Images"); DescribeImagesResult dir = ec2.describeImages(); List<Image> images = dir.getImages(); System.out.println("You have " + images.size() + " Amazon images"); /********************************************* * * #4 Describe Key Pair * *********************************************/ System.out.println("#9 Describe Key Pair"); DescribeKeyPairsResult dkr = ec2.describeKeyPairs(); System.out.println(dkr.toString()); /********************************************* * * #5 Describe Current Instances * *********************************************/ System.out.println("#4 Describe Current Instances"); DescribeInstancesResult describeInstancesRequest = ec2.describeInstances(); List<Reservation> reservations = describeInstancesRequest.getReservations(); Set<Instance> instances = new HashSet<Instance>(); // add all instances to a Set. for (Reservation reservation : reservations) { instances.addAll(reservation.getInstances()); } System.out.println("You have " + instances.size() + " Amazon EC2 instance(s)."); for (Instance ins : instances) { // instance id String instanceId = ins.getInstanceId(); // instance state InstanceState is = ins.getState(); System.out.println(instanceId + " " + is.getName()); } /////////////////////////////////////// String Temp_Group = "Testgroup1"; //name of the group CreateSecurityGroupRequest r1 = new CreateSecurityGroupRequest(Temp_Group, "temporal group"); ec2.createSecurityGroup(r1); AuthorizeSecurityGroupIngressRequest r2 = new AuthorizeSecurityGroupIngressRequest(); r2.setGroupName(Temp_Group); /*************the property of http*****************/ IpPermission permission = new IpPermission(); permission.setIpProtocol("tcp"); permission.setFromPort(80); permission.setToPort(80); List<String> ipRanges = new ArrayList<String>(); ipRanges.add("0.0.0.0/0"); permission.setIpRanges(ipRanges); /*************the property of SSH**********************/ IpPermission permission1 = new IpPermission(); permission1.setIpProtocol("tcp"); permission1.setFromPort(22); permission1.setToPort(22); List<String> ipRanges1 = new ArrayList<String>(); ipRanges1.add("0.0.0.0/22"); permission1.setIpRanges(ipRanges1); /*************the property of https**********************/ IpPermission permission2 = new IpPermission(); permission2.setIpProtocol("tcp"); permission2.setFromPort(443); permission2.setToPort(443); List<String> ipRanges2 = new ArrayList<String>(); ipRanges2.add("0.0.0.0/0"); permission2.setIpRanges(ipRanges2); /*************the property of tcp**********************/ IpPermission permission3 = new IpPermission(); permission3.setIpProtocol("tcp"); permission3.setFromPort(0); permission3.setToPort(65535); List<String> ipRanges3 = new ArrayList<String>(); ipRanges3.add("0.0.0.0/0"); permission3.setIpRanges(ipRanges3); /**********************add rules to the group*********************/ List<IpPermission> permissions = new ArrayList<IpPermission>(); permissions.add(permission); permissions.add(permission1); permissions.add(permission2); permissions.add(permission3); r2.setIpPermissions(permissions); ec2.authorizeSecurityGroupIngress(r2); List<String> groupName = new ArrayList<String>(); groupName.add(Temp_Group);//wait to out our instance into this group /********************************************* * * #6.2 Create a New Key Pair * *********************************************/ CreateKeyPairRequest newKeyRequest = new CreateKeyPairRequest(); newKeyRequest.setKeyName("Test_Key2"); CreateKeyPairResult keyresult = ec2.createKeyPair(newKeyRequest); /************************print the properties of this key*****************/ KeyPair kp = new KeyPair(); kp = keyresult.getKeyPair(); System.out.println("The key we created is = " + kp.getKeyName() + "\nIts fingerprint is=" + kp.getKeyFingerprint() + "\nIts material is= \n" + kp.getKeyMaterial()); String fileName = "C:/Users/Akhil/workspace/Test_Key2.pem"; File distFile = new File(fileName); BufferedReader bufferedReader = new BufferedReader(new StringReader(kp.getKeyMaterial())); BufferedWriter bufferedWriter = new BufferedWriter(new FileWriter(distFile)); char buf[] = new char[1024]; int len; while ((len = bufferedReader.read(buf)) != -1) { bufferedWriter.write(buf, 0, len); } bufferedWriter.flush(); bufferedReader.close(); bufferedWriter.close(); //String myinstance; /********************************************* * * #6 Create an Instance * *********************************************/ System.out.println("#5 Create an Instance"); String imageId = "ami-76f0061f"; //Basic 32-bit Amazon Linux AMI int minInstanceCount = 1; // create 1 instance int maxInstanceCount = 1; RunInstancesRequest rir = new RunInstancesRequest(imageId, minInstanceCount, maxInstanceCount); rir.setKeyName("Test_Key2"); rir.withSecurityGroups("Testgroup1"); RunInstancesResult result = ec2.runInstances(rir); //get instanceId from the result List<Instance> resultInstance = result.getReservation().getInstances(); String createdInstanceId = null; String myAvailabilityZone = null; for (Instance ins : resultInstance) { createdInstanceId = ins.getInstanceId(); System.out.println("New instance has been created: " + ins.getInstanceId()); //myinstance = ins.getInstanceId(); } Thread.currentThread().sleep(60000); /********************************************* * * * Create a New Volume and attach it * ***********************************************/ List<Instance> resultInstance2 = result.getReservation().getInstances(); createdInstanceId = null; for (Instance ins : resultInstance2) { createdInstanceId = ins.getInstanceId(); System.out.println("New instance has been created: " + ins.getInstanceId());//print the instance ID /********************************************* * * #6.4 Create an Instance * *********************************************/ CreateVolumeRequest newVol = new CreateVolumeRequest(1, "us-east-1a"); CreateVolumeResult volresult = ec2.createVolume(newVol); Volume vol1 = volresult.getVolume(); String volId = vol1.getVolumeId(); Thread.currentThread().sleep(30000); AttachVolumeRequest attachRequest = new AttachVolumeRequest().withInstanceId(createdInstanceId) .withVolumeId(volId); attachRequest.withDevice("/dev/sda5"); ec2.attachVolume(attachRequest); System.out.println("EBS volume has been attached and the volume ID is: " + volId); } /********************************************* * * #7 Create a 'tag' for the new instance. * *********************************************/ System.out.println("#6 Create a 'tag' for the new instance."); List<String> resources = new LinkedList<String>(); List<Tag> tags = new LinkedList<Tag>(); Tag nameTag = new Tag("Akhil", "MyFirstInstance"); resources.add(createdInstanceId); tags.add(nameTag); CreateTagsRequest ctr = new CreateTagsRequest(resources, tags); ec2.createTags(ctr); /********************************************* * * #8 Stop/Start an Instance * *********************************************/ System.out.println("#7 Stop the Instance"); List<String> instanceIds = new LinkedList<String>(); instanceIds.add(createdInstanceId); //stop StopInstancesRequest stopIR = new StopInstancesRequest(instanceIds); ec2.stopInstances(stopIR); //start StartInstancesRequest startIR = new StartInstancesRequest(instanceIds); ec2.startInstances(startIR); System.out.println("#8 Getting DNS, IP."); DescribeInstancesRequest request = new DescribeInstancesRequest(); request.setInstanceIds(instanceIds); DescribeInstancesResult result1 = ec2.describeInstances(request); List<Reservation> reservations1 = result1.getReservations(); List<Instance> instances1; for (Reservation res : reservations1) { instances1 = res.getInstances(); for (Instance ins1 : instances1) { System.out .println("The public DNS is: " + ins1.getPublicDnsName() + "\n" + ins1.getRamdiskId()); System.out.println("The private IP is: " + ins1.getPrivateIpAddress()); System.out.println("The public IP is: " + ins1.getPublicIpAddress()); } /********************************************* * #10 Terminate an Instance * *********************************************/ System.out.println("#8 Terminate the Instance"); TerminateInstancesRequest tir = new TerminateInstancesRequest(instanceIds); //ec2.terminateInstances(tir); /********************************************* * * #11 shutdown client object * *********************************************/ ec2.shutdown(); } } catch (AmazonServiceException ase) { System.out.println("Caught Exception: " + ase.getMessage()); System.out.println("Reponse Status Code: " + ase.getStatusCode()); System.out.println("Error Code: " + ase.getErrorCode()); System.out.println("Request ID: " + ase.getRequestId()); } }
From source file:fr.xebia.cloud.amazon.aws.iam.AmazonAwsIamAccountCreator.java
License:Apache License
/** * <p>// www . ja v a 2s .c om * Create an Amazon IAM account and send the details by email. * </p> * <p> * Created elements: * </p> * <ul> * <li>password to login to the management console if none exists,</li> * <li>accesskey if none is active,</li> * <li></li> * </ul> * * @param userName valid email used as userName of the created account. */ public void createUser(@Nonnull final String userName, GetGroupResult groupDescriptor, String keyPairName) throws Exception { Preconditions.checkNotNull(userName, "Given userName can NOT be null"); logger.info("Process user {}", userName); List<String> userAccountChanges = Lists.newArrayList(); Map<String, String> templatesParams = Maps.newHashMap(); templatesParams.put("awsCredentialsHome", "~/.aws"); templatesParams.put("awsCommandLinesHome", "/opt/amazon-aws"); User user; try { user = iam.getUser(new GetUserRequest().withUserName(userName)).getUser(); } catch (NoSuchEntityException e) { logger.debug("User {} does not exist, create it", userName, e); user = iam.createUser(new CreateUserRequest(userName)).getUser(); userAccountChanges.add("Create user"); } List<BodyPart> attachments = Lists.newArrayList(); // AWS WEB MANAGEMENT CONSOLE LOGIN & PASSWORD try { LoginProfile loginProfile = iam.getLoginProfile(new GetLoginProfileRequest(user.getUserName())) .getLoginProfile(); templatesParams.put("loginUserName", loginProfile.getUserName()); templatesParams.put("loginPassword", "#your password has already been generated and sent to you#"); logger.info("Login profile already exists {}", loginProfile); } catch (NoSuchEntityException e) { // manually add a number to ensure amazon policy is respected String password = RandomStringUtils.randomAlphanumeric(10) + random.nextInt(10); LoginProfile loginProfile = iam .createLoginProfile(new CreateLoginProfileRequest(user.getUserName(), password)) .getLoginProfile(); userAccountChanges.add("Create user.login"); templatesParams.put("loginUserName", loginProfile.getUserName()); templatesParams.put("loginPassword", password); } // ADD USER TO GROUP Group group = groupDescriptor.getGroup(); List<User> groupMembers = groupDescriptor.getUsers(); boolean isUserInGroup = Iterables.any(groupMembers, new Predicate<User>() { public boolean apply(User groupMember) { return userName.equals(groupMember.getUserName()); } ; }); if (!isUserInGroup) { logger.debug("Add user {} to group {}", user, group); iam.addUserToGroup(new AddUserToGroupRequest(group.getGroupName(), user.getUserName())); groupMembers.add(user); userAccountChanges.add("Add user to group"); } // ACCESS KEY boolean activeAccessKeyExists = false; ListAccessKeysResult listAccessKeysResult = iam .listAccessKeys(new ListAccessKeysRequest().withUserName(user.getUserName())); for (AccessKeyMetadata accessKeyMetadata : listAccessKeysResult.getAccessKeyMetadata()) { StatusType status = StatusType.fromValue(accessKeyMetadata.getStatus()); if (StatusType.Active.equals(status)) { logger.info("Access key {} ({}) is already active, don't create another one.", accessKeyMetadata.getAccessKeyId(), accessKeyMetadata.getCreateDate()); activeAccessKeyExists = true; templatesParams.put("accessKeyId", accessKeyMetadata.getAccessKeyId()); templatesParams.put("accessKeySecretId", "#accessKey has already been generated and the secretId has been sent to you#"); break; } } if (!activeAccessKeyExists) { AccessKey accessKey = iam.createAccessKey(new CreateAccessKeyRequest().withUserName(user.getUserName())) .getAccessKey(); userAccountChanges.add("Create user.accessKey"); logger.debug("Created access key {}", accessKey); templatesParams.put("accessKeyId", accessKey.getAccessKeyId()); templatesParams.put("accessKeySecretId", accessKey.getSecretAccessKey()); // email attachment: aws-credentials.txt { BodyPart awsCredentialsBodyPart = new MimeBodyPart(); awsCredentialsBodyPart.setFileName("aws-credentials.txt"); templatesParams.put("attachedCredentialsFileName", awsCredentialsBodyPart.getFileName()); String awsCredentials = FreemarkerUtils.generate(templatesParams, "/fr/xebia/cloud/amazon/aws/iam/aws-credentials.txt.ftl"); awsCredentialsBodyPart.setContent(awsCredentials, "text/plain"); attachments.add(awsCredentialsBodyPart); } } // SSH KEY PAIR if (keyPairName == null) { // If keyPairName is null, generate it from the username if (userName.endsWith("@xebia.fr") || userName.endsWith("@xebia.com")) { keyPairName = userName.substring(0, userName.indexOf("@xebia.")); } else { keyPairName = userName.replace("@", "_at_").replace(".", "_dot_").replace("+", "_plus_"); } } try { List<KeyPairInfo> keyPairInfos = ec2 .describeKeyPairs(new DescribeKeyPairsRequest().withKeyNames(keyPairName)).getKeyPairs(); KeyPairInfo keyPairInfo = Iterables.getOnlyElement(keyPairInfos); logger.info("SSH key {} already exists. Don't overwrite it.", keyPairInfo.getKeyName()); templatesParams.put("sshKeyName", keyPairInfo.getKeyName()); templatesParams.put("sshKeyFingerprint", keyPairInfo.getKeyFingerprint()); String sshKeyFileName = keyPairName + ".pem"; URL sshKeyFileURL = Thread.currentThread().getContextClassLoader().getResource(sshKeyFileName); if (sshKeyFileURL != null) { logger.info("SSH Key file {} found.", sshKeyFileName); BodyPart keyPairBodyPart = new MimeBodyPart(); keyPairBodyPart.setFileName(sshKeyFileName); templatesParams.put("attachedSshKeyFileName", keyPairBodyPart.getFileName()); keyPairBodyPart.setContent(Resources.toString(sshKeyFileURL, Charsets.ISO_8859_1), "application/x-x509-ca-cert"); attachments.add(keyPairBodyPart); } else { logger.info("SSH Key file {} NOT found.", sshKeyFileName); } } catch (AmazonServiceException e) { if ("InvalidKeyPair.NotFound".equals(e.getErrorCode())) { // ssh key does not exist, create it KeyPair keyPair = ec2.createKeyPair(new CreateKeyPairRequest(keyPairName)).getKeyPair(); userAccountChanges.add("Create ssh key"); logger.info("Created ssh key {}", keyPair); templatesParams.put("sshKeyName", keyPair.getKeyName()); templatesParams.put("sshKeyFingerprint", keyPair.getKeyFingerprint()); BodyPart keyPairBodyPart = new MimeBodyPart(); keyPairBodyPart.setFileName(keyPair.getKeyName() + ".pem"); templatesParams.put("attachedSshKeyFileName", keyPairBodyPart.getFileName()); keyPairBodyPart.setContent(keyPair.getKeyMaterial(), "application/x-x509-ca-cert"); attachments.add(keyPairBodyPart); } else { throw e; } } // X509 SELF SIGNED CERTIFICATE Collection<SigningCertificate> certificates = iam .listSigningCertificates(new ListSigningCertificatesRequest().withUserName(userName)) .getCertificates(); // filter active certificates certificates = Collections2.filter(certificates, new Predicate<SigningCertificate>() { @Override public boolean apply(SigningCertificate signingCertificate) { return StatusType.Active.equals(StatusType.fromValue(signingCertificate.getStatus())); } }); if (certificates.isEmpty()) { java.security.KeyPair x509KeyPair = keyPairGenerator.generateKeyPair(); X509Certificate x509Certificate = generateSelfSignedX509Certificate(userName, x509KeyPair); String x509CertificatePem = Pems.pem(x509Certificate); UploadSigningCertificateResult uploadSigningCertificateResult = iam.uploadSigningCertificate( // new UploadSigningCertificateRequest(x509CertificatePem).withUserName(user.getUserName())); SigningCertificate signingCertificate = uploadSigningCertificateResult.getCertificate(); templatesParams.put("x509CertificateId", signingCertificate.getCertificateId()); userAccountChanges.add("Create x509 certificate"); logger.info("Created x509 certificate {}", signingCertificate); // email attachment: x509 private key { BodyPart x509PrivateKeyBodyPart = new MimeBodyPart(); x509PrivateKeyBodyPart.setFileName("pk-" + signingCertificate.getCertificateId() + ".pem"); templatesParams.put("attachedX509PrivateKeyFileName", x509PrivateKeyBodyPart.getFileName()); String x509privateKeyPem = Pems.pem(x509KeyPair.getPrivate()); x509PrivateKeyBodyPart.setContent(x509privateKeyPem, "application/x-x509-ca-cert"); attachments.add(x509PrivateKeyBodyPart); } // email attachment: x509 certifiate pem { BodyPart x509CertificateBodyPart = new MimeBodyPart(); x509CertificateBodyPart.setFileName("cert-" + signingCertificate.getCertificateId() + ".pem"); templatesParams.put("attachedX509CertificateFileName", x509CertificateBodyPart.getFileName()); x509CertificateBodyPart.setContent(x509CertificatePem, "application/x-x509-ca-cert"); attachments.add(x509CertificateBodyPart); } } else { SigningCertificate signingCertificate = Iterables.getFirst(certificates, null); logger.info("X509 certificate {} already exists", signingCertificate.getCertificateId()); templatesParams.put("x509CertificateId", signingCertificate.getCertificateId()); } sendEmail(templatesParams, attachments, userName); }
From source file:hudson.plugins.ec2.ssh.EC2SpotUnixLauncher.java
License:Open Source License
private int bootstrap(final Connection bootstrapConn, final EC2Computer computer, final PrintStream logger) throws IOException, InterruptedException, AmazonClientException { logger.println("bootstrap()"); boolean closeBootstrap = true; try {//from w w w. jav a 2 s. c o m int tries = 20; boolean isAuthenticated = false; logger.println("Getting keypair..."); final KeyPair key = computer.getCloud().getKeyPair(); logger.println("Using key: " + key.getKeyName() + "\n" + key.getKeyFingerprint() + "\n" + key.getKeyMaterial().substring(0, 160)); while (tries-- > 0) { logger.println("Authenticating as " + computer.getRemoteAdmin()); isAuthenticated = bootstrapConn.authenticateWithPublicKey(computer.getRemoteAdmin(), key.getKeyMaterial().toCharArray(), ""); if (isAuthenticated) { break; } logger.println("Authentication failed. Trying again..."); Thread.sleep(10000); } if (!isAuthenticated) { logger.println("Authentication failed"); return FAILED; } closeBootstrap = false; return SAMEUSER; } finally { if (closeBootstrap) bootstrapConn.close(); } }
From source file:hudson.plugins.ec2.ssh.EC2UnixLauncher.java
License:Open Source License
private int bootstrap(Connection bootstrapConn, EC2Computer computer, PrintStream logger) throws IOException, InterruptedException, AmazonClientException { logger.println("bootstrap()"); boolean closeBootstrap = true; try {//from w w w .j av a2s .c om int tries = 20; boolean isAuthenticated = false; logger.println("Getting keypair..."); KeyPair key = computer.getCloud().getKeyPair(); logger.println("Using key: " + key.getKeyName() + "\n" + key.getKeyFingerprint() + "\n" + key.getKeyMaterial().substring(0, 160)); while (tries-- > 0) { logger.println("Authenticating as " + computer.getRemoteAdmin()); isAuthenticated = bootstrapConn.authenticateWithPublicKey(computer.getRemoteAdmin(), key.getKeyMaterial().toCharArray(), ""); if (isAuthenticated) { break; } logger.println("Authentication failed. Trying again..."); Thread.sleep(10000); } if (!isAuthenticated) { logger.println("Authentication failed"); return FAILED; } closeBootstrap = false; return SAMEUSER; } finally { if (closeBootstrap) bootstrapConn.close(); } }
From source file:jp.aws.test.ec2.EC2Instance.java
License:Apache License
/** * ??/*from ww w . j a v a 2 s . c o m*/ * * @param keyPairName * @return * @throws Exception * * @code Pair<String, String> sshAuthenticationKey = createKeyPairs("hoge"); * Strinig fingerprint = sshAuthenticationKey.first; String material = * sshAuthenticationKey.second; * @endcode */ public Pair<String, String> createKeyPairs(String keyPairName) { KeyPair keyPair; CreateKeyPairRequest kpReq = new CreateKeyPairRequest(); kpReq.setKeyName(keyPairName); CreateKeyPairResult keyPairRes = clientManager.ec2().createKeyPair(kpReq); keyPair = keyPairRes.getKeyPair(); Pair<String, String> sshAuthenticationKey = new Pair<String, String>(keyPair.getKeyFingerprint(), keyPair.getKeyMaterial()); return sshAuthenticationKey; }
From source file:org.openinfinity.cloud.application.worker.component.EC2Worker.java
License:Apache License
private int createNewInstance(Job job) throws WorkerException { int returnValue = -1; String threadName = Thread.currentThread().getName(); LOG.debug(threadName + ": EC2Worker:createNewInstance starting"); String endPoint = PropertyManager.getProperty("cloudadmin.worker.eucalyptus.endpoint"); String amazonEndPoint = PropertyManager.getProperty("cloudadmin.worker.amazon.endpoint"); EC2Wrapper ec2 = new EC2Wrapper(); if (job.getCloud() == InstanceService.CLOUD_TYPE_AMAZON) { ec2.setEndpoint(amazonEndPoint); ec2.init(amazonCredentials, job.getCloud()); } else if (job.getCloud() == InstanceService.CLOUD_TYPE_EUCALYPTUS) { ec2.setEndpoint(endPoint);//w w w .j a va2 s . co m ec2.init(eucaCredentials, job.getCloud()); } LOG.debug(threadName + ": Creating keypair"); String keyName = "TOASinstance" + Integer.toString(job.getInstanceId()); Key key = null; try { KeyPair keyPair = ec2.createKeypair(keyName); key = new Key(); key.setFingerprint(keyPair.getKeyFingerprint()); key.setInstanceId(job.getInstanceId()); key.setName(keyPair.getKeyName()); key.setSecret_key(keyPair.getKeyMaterial()); keyService.addKey(key); } catch (Exception e) { LOG.error("Error: " + e.getMessage()); } if (createServices(job, key, ec2)) { returnValue = 1; instanceService.updateInstanceStatus(job.getInstanceId(), "Running"); } else { instanceService.updateInstanceStatus(job.getInstanceId(), "Error"); } return returnValue; }